Fake-register your Paperwhite 5.2.x to use collections and other blocked features

Amazon needlessly limits the functionality of your unregistered Kindle Paperwhite, such as disabling the Collections and Wikipedia widget features.

To unlock all of your Kindle's functionality you either have to register (and grant them access to juicy analytics) or trick the Kindle into thinking it's registered.

The following process is only for developers who are comfortable with SSH, SCP, and the possibility of bricking their devices. Someone better than myself can make this into a more streamlined process. I've only done this on my own Kindle Paperwhite Wi-Fi running 5.2.0 (1729740065).

Overview:
Like previous versions, the /var/local/java/prefs/reginfo file must be populated with your account credentials. This file can be created locally and sent to your Kindle via SSH/scp.

Unlike previous versions, Amazon will remotely unregister your Kindle whenever it phones home, which happens periodically and whenever you connect to Wi-Fi. To prevent this I've added iptables rules that run as soon as an interface is brought up. Note that I've created a blacklist of individual IPs... I currently believe that this list isn't comprehensive, and more work needs to be done by developers to add to it or create a more robust solution.

Procedure:

Update:
Twobob and knc1 replied with some excellent comments on this procedure. Notably the individual IP addresses can be replaced with ranges of IPs, which will all but guarantee the device will never communicate with Amazon's update servers, and there's an existing iptables configuration file that can be used as the target for iptables-save.

I've updated the relevant steps to include these better procedures.

0. Pray to your personal God that you don't create a foolish iptables rule that locks you out of USB networking.

1. Jailbreak

2. Enable USB networking and set your SSH password

3. Go into airplane mode

4. Plug in USB and connect. You'll have to set your IP address to something in the 192.168.15.x range (not 254)

5. Create a reginfo file on your local computer that fits the following template:

It's now necessary to prevent your Kindle from phoning home with Amazon's servers.

Deprecated instructions:

I've determined these IPs by letting my Kindle sync and then checking its active connections... As such, I can guarantee that this isn't an inclusive list and it's probably dependent on your locale. Thus your Kindle may still spontaneously de-register until developers have fully populated this list of Amazon servers. (Alternatively, maybe we can figure out a domain to block.)

8. Enable USB networking again and SSH into the device

9. Start adding iptables rules in the shell. If at this point you totally screw up, you can reboot and your changes won't be saved.

These commands instruct your Kindle's firewall to silently drop all outbound requests to those destinations. Again, there may be other Amazon auth servers that will have to be discovered via trial and error.

10. Run iptables -L and verify that these entries exist. Run something like

11. In the SSH session run iptables-save (first by itself to verify that it spits out a list of rules) then run:

Code:

iptables-save > /etc/sysconfig/iptables

This produces a file that contains the current state of your firewall, and it will be automatically loaded.

Deprecated instructions:

Code:

iptables-save > /etc/iptables.conf

This produces a file that contains the current state of your firewall, and can be loaded to restore this state.

We're going to instruct the Kindle to load these rules whenever it connects to a network.

12. Set the permissions on that file by running these commands in your SSH shell:

Code:

# The script in step 13 refuses to load the file unless its mode is 600
chmod 600 /etc/iptables.conf
chown root:root /etc/iptables.conf

13. Create a local file called iptables:

Code:

#!/bin/sh
# Note: if bad rules are inadvertently (or purposely) saved it could block
# access to the server except via a local shell.
# Paths verified only on Kindle 5.2.0
RESTORE=/usr/sbin/iptables-restore
STAT=/bin/stat
IPSTATE=/etc/iptables.conf

test -x $RESTORE || exit 0
test -x $STAT || exit 0

# Check permissions and ownership (rw------- for root)
if test `$STAT --format="%a" $IPSTATE` -ne "600"; then
    echo "Permissions for $IPSTATE must be 600 (rw-------)"
    exit 0
fi

# Since only the owner can read/write to the file, we can trust that it is
# secure. We need not worry about group permissions since they should be
# zeroed per our previous check; but we must make sure root owns it.
if test `$STAT --format="%u" $IPSTATE` -ne "0"; then
    echo "The superuser must have ownership for $IPSTATE (uid 0)"
    exit 0
fi

# Now we are ready to restore the tables
$RESTORE < $IPSTATE

14. On your local machine, use scp to push this file to the Kindle, in the directory /etc/network/if-pre-up.d/iptables:

Code:

scp iptables root@192.168.15.244:/etc/network/if-pre-up.d/

The scripts inside that directory are run whenever an interface is activated. Thus your "iptables" script will be executed automatically, and your firewall will revert to the state you've saved in /etc/iptables.conf.

Thus, you can see that if you want to make future changes to your firewall, you must update the iptables.conf file using

17. Verify that your Kindle still appears to be registered. If step 7 worked but your Kindle has now de-registered, it's because it's chosen a new Amazon auth server. If you wish to help this hack you may now:

<add> a note about removing that Amazon "push port" and that the very lax "ACCEPT" rule as shown for ssh should only be used with public key authentication.

So yup. The port 40317 is Amazon specific. Lord only knows what it's for, quite honestly. One could posit remote support. I'll leave that there. It could be nerfed easily.

The SSH rule really is a bit of a whore; IIRC Niluje has nailed it down on the device with IP -> IP rules in the config.

But if you are allowing SSH access from everywhere, think about the implications of that. Usually "No implications that matter", but that doesn't mean it never applies. A public key is a good idea and that's what I use.

Thanks Knc1

Last edited by twobob; 10-08-2012 at 08:12 PM.
Reason: http://www.mobileread.com/forums/showthread.php?t=167675
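
The two points in the reply above (the ACCEPT rule for port 40317 and an SSH ACCEPT rule with no source restriction) can be checked mechanically against a saved ruleset. The script below is an added example, not part of the thread or of the Kindle's own scripts; the function names, the interface names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: list INPUT rules in an iptables-save dump that ACCEPT a TCP
# port without a source restriction. open_accepts FILE PORT prints each one.
open_accepts() {
    awk -v port="$2" '
    function covers(spec, p,    n, parts, k, r) {
        n = split(spec, parts, ",")              # multiport: 22,80,6000:6010
        for (k = 1; k <= n; k++) {
            if (split(parts[k], r, ":") == 2) {  # range lo:hi
                if (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0) return 1
            } else if (parts[k] + 0 == p + 0) return 1
        }
        return 0
    }
    $1 == "-A" && $2 == "INPUT" {
        accept = 0; hit = 0; src = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
            if (($i == "--dport" || $i == "--dports") && covers($(i + 1), port)) hit = 1
            # "! -s addr" still admits nearly every peer, so only a
            # non-negated -s counts as a restriction.
            if (($i == "-s" || $i == "--source") && $(i - 1) != "!") src = 1
        }
        if (accept && hit && !src) print
    }' "$1"
}

# count_open_accepts FILE PORT: number of offending rules.
count_open_accepts() {
    open_accepts "$1" "$2" | awk 'END { print NR }'
}

# Constructed sample ruleset, not the Kindle's real file; usb0, wlan0 and the
# 192.168.15.201 peer are assumptions for illustration.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -i wlan0 -p tcp -m tcp --dport 40317 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.15.201/32 -i usb0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT ! -s 10.0.0.0/8 -p tcp -m multiport --dports 22,80 -j ACCEPT
COMMIT
EOF
for port in 22 40317; do
    echo "port $port: $(count_open_accepts "$sample" "$port") unrestricted ACCEPT rule(s)"
    open_accepts "$sample" "$port" | sed 's/^/    /'
done
```

Only rules that name the port are examined; a blanket ACCEPT with no `--dport` at all is outside what this check reports.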

I can almost channel down to the offices and hear that conversation's echoes:

Manager, SysConfig: "I see that you have not met your quota this month."
Jr Code Cutter: "But sir, I wrote 1,996 lines of scripting."
Manager, SysConfig: "Go write a few more lines of comments so we can bill this thing."